<?php
	require("includes/basic.php");
	
	if(!isset($_SESSION['uid']) && $userType!='O')
	{
		header("location:authorise.php");
	}
	$title=$_POST['tempname'];
	$checktitle=mysql_query("select * from templates where title=$title");
	if(mysql_num_rows()>0)
	{
	header("Location:add-template.php?e=y");
	}
  	$cont=addslashes($_POST['tempcont']);  
	$msg=$cont;
   	$creator=$userId;
    $sq1="insert into templates(`title`,`content`,`created_by`,`created_on`) value('".$title."','".$msg."',$creator,sysdate())";
	$result=mysql_query($sq1);	
	$gettempid=mysql_query('select * from templates where created_on=sysdate()');
	$tempidr=mysql_fetch_array($gettempid);
	extract($tempidr);
	$tempid=$tempidr['content_id'];
	if($_FILES['uploadedfile']['size'] > 0 || $_FILES['file']['size'] > 0 || $_FILES['file2']['size'] > 0 || $_FILES['file3']['size'] > 0 || $_FILES['file4']['size'] > 0 || $_FILES['file5']['size'] > 0)
	{
		mkdir("templates/".$title);
		$target_path="templates/".$title;
	
	if(isset($_POST['submit']) && $_FILES['uploadedfile']['size'] > 0)
			{
				$fileName = $_FILES['uploadedfile']['name'];
				$tmpName = $_FILES['uploadedfile']['tmp_name'];
				$fileSize = $_FILES['uploadedfile']['size'];
				$fileType = $_FILES['uploadedfile']['type'];

				$fp      = fopen($tmpName, 'r');
				$content = fread($fp, filesize($tmpName));
				$content = addslashes($content);
				fclose($fp);

				if(!get_magic_quotes_gpc())
				{
					$fileName = addslashes($fileName);
				}

				$query = "INSERT INTO template_images (temp_id, name, size, type, content) VALUES ('$tempid','$fileName', '$fileSize', '$fileType', '$content')";

				mysql_query($query) or die('Error, query failed'); 

				$filePath = $target_path ."/".$fileName;

				$result = move_uploaded_file($tmpName, $filePath);
				if (!$result) {
				echo "Error uploading file";
				exit;
				}
				//echo "uploaded";
			}
			
			if(isset($_POST['submit']) && $_FILES['file']['size'] > 0)
			{

				$fileName1 = $_FILES['file']['name'];
				$tmpName1 = $_FILES['file']['tmp_name'];
				$fileSize1 = $_FILES['file']['size'];
				$fileType1 = $_FILES['file']['type'];

				$fp1      = fopen($tmpName1, 'r');
				$content1 = fread($fp, filesize($tmpName1));
				$content1 = addslashes($content1);
				fclose($fp1);

				if(!get_magic_quotes_gpc())
				{
					$fileName1 = addslashes($fileName1);
				}

				$query = "INSERT INTO template_images (temp_id, name, size, type, content) VALUES ('$tempid','$fileName1', '$fileSize1', '$fileType1', '$content1')";

				mysql_query($query) or die('Error, query failed'); 

				$filePath1 = $target_path ."/". $fileName1;

				$result1 = move_uploaded_file($tmpName1, $filePath1);
				if (!$result1) {
				echo "Error uploading file";
				exit;
				}
				echo "uploaded";
			}



	if(isset($_POST['submit']) && $_FILES['file2']['size'] > 0)
			{

				$fileName2 = $_FILES['file2']['name'];
				$tmpName2 = $_FILES['file2']['tmp_name'];
				$fileSize2 = $_FILES['file2']['size'];
				$fileType2 = $_FILES['file2']['type'];

				$fp2      = fopen($tmpName2, 'r');
				$content2 = fread($fp2, filesize($tmpName2));
				$content2 = addslashes($content2);
				fclose($fp2);

				if(!get_magic_quotes_gpc())
				{
					$fileName2 = addslashes($fileName2);
				}

				$query = "INSERT INTO template_images (temp_id, name, size, type, content) VALUES ('$tempid','$fileName2', '$fileSize2', '$fileType2', '$content2')";

				mysql_query($query) or die('Error, query failed'); 

				$filePath2 = $target_path . "/". $fileName2;

				$result2 = move_uploaded_file($tmpName2, $filePath2);
				if (!$result2) {
				echo "Error uploading file";
				exit;
				}
				echo "uploaded";
			}



	if(isset($_POST['submit']) && $_FILES['file3']['size'] > 0)
			{

				$fileName3 = $_FILES['file3']['name'];
				$tmpName3 = $_FILES['file3']['tmp_name'];
				$fileSize3 = $_FILES['file3']['size'];
				$fileType3 = $_FILES['file3']['type'];

				$fp3      = fopen($tmpName3, 'r');
				$content3 = fread($fp3, filesize($tmpName3));
				$content3 = addslashes($content3);
				fclose($fp3);

				if(!get_magic_quotes_gpc())
				{
					$fileName3 = addslashes($fileName3);
				}

				$query = "INSERT INTO template_images (temp_id, name, size, type, content) VALUES ('$tempid','$fileName3', '$fileSize3', '$fileType3', '$content3')";
				mysql_query($query) or die('Error, query failed'); 

				$filePath3 = $target_path ."/". $fileName3;

				$result3 = move_uploaded_file($tmpName3, $filePath3);
				if (!$result3) {
				echo "Error uploading file";
				exit;
				}
				echo "uploaded";
			}



	if(isset($_POST['submit']) && $_FILES['file4']['size'] > 0)
			{

				$fileName4 = $_FILES['file4']['name'];
				$tmpName4 = $_FILES['file4']['tmp_name'];
				$fileSize4 = $_FILES['file4']['size'];
				$fileType4 = $_FILES['file4']['type'];

				$fp4      = fopen($tmpName4, 'r');
				$content4 = fread($fp4, filesize($tmpName4));
				$content4 = addslashes($content4);
				fclose($fp4);

				if(!get_magic_quotes_gpc())
				{
					$fileName4 = addslashes($fileName4);
				}

				$query = "INSERT INTO template_images (temp_id, name, size, type, content) VALUES ('$tempid','$fileName4', '$fileSize4', '$fileType4', '$content4')";

				mysql_query($query) or die('Error, query failed'); 

				$filePath4 = $target_path ."/". $fileName4;

				$result4 = move_uploaded_file($tmpName4, $filePath4);
				if (!$result4) {
				echo "Error uploading file";
				exit;
				}
				echo "uploaded";
			}



	if(isset($_POST['submit']) && $_FILES['file5']['size'] > 0)
			{

				$fileName5 = $_FILES['file5']['name'];
				$tmpName5 = $_FILES['file5']['tmp_name'];
				$fileSize5 = $_FILES['file5']['size'];
				$fileType5 = $_FILES['file5']['type'];

				$fp5      = fopen($tmpName5, 'r');
				$content5 = fread($fp5, filesize($tmpName5));
				$content5 = addslashes($content5);
				fclose($fp5);

				if(!get_magic_quotes_gpc())
				{
					$fileName5 = addslashes($fileName5);
				}

				$query = "INSERT INTO template_images (temp_id, name, size, type, content) VALUES ('$tempid','$fileName5', '$fileSize5', '$fileType5', '$content5')";

				mysql_query($query) or die('Error, query failed'); 

				$filePath5 = $target_path ."/". $fileName5;

				$result5 = move_uploaded_file($tmpName5, $filePath5);
				if (!$result5) {
				echo "Error uploading file";
				exit;
				}
				echo "uploaded";
			}
			}
			if($result)
			{
				header("Location:view-templates.php");
			}
?>
